CVE-2018-20329

2018-12-21T06:29:00
ID CVE-2018-20329
Type cve
Reporter cve@mitre.org
Modified 2019-01-07T14:44:00

Description

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.